Bump zgosalvez/github-actions-ensure-sha-pinned-actions from 3.0.22 to 3.0.23 (#1026)

dependabot[bot] · web-flow · commit f9b0813a6215 · 2025-03-31T20:09:30.000Z
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions) from 3.0.22 to 3.0.23. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases">zgosalvez/github-actions-ensure-sha-pinned-actions's releases</a>.</em></p> <blockquote> <h2>v3.0.23</h2> <h2>What's Changed</h2> <ul> <li>Bump eslint from 9.20.1 to 9.23.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/pull/220">zgosalvez/github-actions-ensure-sha-pinned-actions#220</a></li> <li>Bump actions/cache from 4.2.0 to 4.2.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/pull/218">zgosalvez/github-actions-ensure-sha-pinned-actions#218</a></li> <li>Bump zgosalvez/github-actions-get-action-runs-using-version from 2.0.20 to 2.0.21 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/pull/217">zgosalvez/github-actions-ensure-sha-pinned-actions#217</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/compare/v3...v3.0.23">https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/compare/v3...v3.0.23</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/commit/4830be28ce81da52ec70d65c552a7403821d98d4"><code>4830be2</code></a> Bump zgosalvez/github-actions-get-action-runs-using-version (<a href="https://redirect.github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/issues/217">#217</a>)</li> <li><a href="https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/commit/588e1fadfd31582c10608fc42e9af18311623771"><code>588e1fa</code></a> Bump actions/cache from 4.2.0 to 4.2.2 (<a href="https://redirect.github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/issues/218">#218</a>)</li> <li><a href="https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/commit/ec9aa20e39971675d3495fc61dfbbcb0449ba660"><code>ec9aa20</code></a> Bump eslint from 9.20.1 to 9.23.0 (<a href="https://redirect.github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/issues/220">#220</a>)</li> <li>See full diff in <a href="https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/compare/25ed13d0628a1601b4b44048e63cc4328ed03633...4830be28ce81da52ec70d65c552a7403821d98d4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zgosalvez/github-actions-ensure-sha-pinned-actions&package-manager=github_actions&previous-version=3.0.22&new-version=3.0.23)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -556,7 +556,7 @@ jobs:
 
       # The next action simply fails if there are any unpinned actions.
       - name: Verify that all workflow actions have pinned versions
-        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@25ed13d0628a1601b4b44048e63cc4328ed03633
+        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@4830be28ce81da52ec70d65c552a7403821d98d4
 
       # If we didn't fail the previous check, go on to more time-consuming ones.
       - name: Install actionlint
